lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20120224.174726.1107636579816083287.davem@davemloft.net>
Date:	Fri, 24 Feb 2012 17:47:26 -0500 (EST)
From:	David Miller <davem@...emloft.net>
To:	pablo@...filter.org
Cc:	netdev@...r.kernel.org, netfilter-devel@...r.kernel.org
Subject: Re: [PATCH 1/2] netlink: netlink_dump_start may take data pointer
 for callbacks

From: pablo@...filter.org
Date: Fri, 24 Feb 2012 23:14:07 +0100

> From: Pablo Neira Ayuso <pablo@...filter.org>
> 
> This patch modifies the netlink_dump_start function to take one
> generic pointer to data. This pointer can be used inside the
> dump() and done() callbacks via cb->data.
> 
> Netfilter is going to use this patch to provide filtered dumps
> to user-space. This is specifically interesting in ctnetlink that
> may handle lots of conntrack entries. We can save precious
> cycles by skipping the conversion to TLV format of conntrack
> entries that are not interesting for user-space.
> 
> More specifically, ctnetlink will include one operation to allow
> to filter the dumping of conntrack entries by ctmark values.
> 
> Signed-off-by: Pablo Neira Ayuso <pablo@...filter.org>

This isn't really your fault but netlink_dump_start() has an
enormous number of arguments.

Several of them are zero or NULL in all except one special situation.

An entire argument is a lot of overhead for one situation to impose on
all the others.

I have no objection to the data callback scheme, it's just that
the argument list of this interface is getting out of control.

Usually, in situations like this, we have some control structure
that holds all the control state and we pass that in instead.

	struct netlink_dump_control c = { .dump = dump, .done = done, ... };

	netlink_dump_start(..., &c);

It could be perhaps used here to get things back under control.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ